PT-2017-13196 · Prominent · Prominent Multiflex M10A Controller
Maxim Rupp
·
Publicado
2017-10-17
·
Atualizado
2019-10-09
·
CVE-2017-14005
CVSS v2.0
6.5
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
ProMinent MultiFLEX M10a Controller (affected versions not specified)
Description
A security issue was found in the ProMinent MultiFLEX M10a Controller web interface, where it is possible to change a user's password without knowing the original password. This could allow an authenticated attacker to change a user's password, enabling future access and possible configuration changes.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Prominent Multiflex M10A Controller